Answer the question
In order to leave comments, you need to log in
S
S
sp9999992020-01-27 10:53:56
sp999999, 2020-01-27 10:53:56
How to track external IPs in Windows Terminal Server logs?
The question is simple.
The server is behind a router with NAT and writes the address of the router in the log for all RDP sessions, but you need to track external IP addresses in order to understand which user comes from which addresses.
It is difficult to do monitoring on the router, because. there will be no usernames.
Server - Windows Server 2016
Router - FortiGate 30E
1 answer(s)
@mumische
M
mumische, 2020-01-30 @mumische
The server sees what it writes, you won't do anything on it. You need to look at the settings of the router, lay them out. I'm not strong in FortiGate, but afaik they have two types of publication - virtual ip, when destination nat is used - in this case, the source address will be the address of the client, the second - virtual server, which is inherently a balancer.
Instead of directly publishing a terminal server on the Internet, MS still recommends using RD Gateway.
Similar questions
R
S
A
R
N
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question